Iranian state-sponsored cyberwarfare is indistinguishable from script kiddies

Peter Gutmann pgut001 at
Mon Mar 28 18:22:30 PDT 2011

The original source of the info about the hack has now posted the private key
corresponding to one of the bogus certs at  The
public-key components are identical, haven't verified that the private key
matches yet, but I'm going to guess it will.

So a global CA wasn't 0wned by a nation-state cyberwar agency but by a random
script kiddie having some fun.  Oh the embarassment :-).


More information about the cypherpunks-legacy mailing list